Comparing versions
Version 3 | Current version
preliminary patch for implementing mail auth, could use some help on fully implementing this within bw. thanx

tested on at least bw 1.3.1

can be downloaded at http://people.redhat.com/astokes/patches/bitweaver/mail_auth.patch


<?php
--- users/admin/admin_login_inc.php.stokes    2006-07-04 21:53:20.000000000 -0400
+++ users/admin/admin_login_inc.php    2006-07-04 22:17:08.000000000 -0400
@@ -300,+300,52 @@
     }
 }

+
$mailSettings = array(
+    
'mail_create_user_auth' => array(
+        
'label' => "Create user if not in Mail server",
+        
'type' => "checkbox",
+        
'note' => "",
+    ),
+    
'mail_create_gBitDbUser' => array(
+        
'label' => "Create user if not in bitweaver",
+        
'type' => "checkbox",
+        
'note' => "",
+    ),
+    
'mail_skip_admin' => array(
+        
'label' => "Just use bitweaver auth for admin",
+        
'type' => "checkbox",
+        
'note' => "",
+    ),
+    
'mail_smtp_port' => array(
+        
'label' => "SMTP port",
+        
'type' => "text",
+        
'note' => "",
+    ),
+    
'mail_smtp_server' => array(
+        
'label' => "SMTP Server",
+        
'type' => "text",
+        
'note' => "",
+    ),
+    
'mail_imap_server' => array(
+        
'label' => "IMAP Server",
+        
'type' => "text",
+        
'note' => "",
+    ),
+    
'mail_imap_port' => array(
+        
'label' => "IMAP Port",
+        
'type' => "text",
+        
'note' => "",
+    ),
+);
+
$gBitSmarty->assign'mailSettings'$mailSettings );
+
+if( !empty( 
$_REQUEST["mail_submit"] ) ) {
+    foreach( 
array_keys$mailSettings ) as $feature ) {
+        if( 
$mailSettings[$feature]['type'] == 'text' ) {
+            
simple_set_value$featureUSERS_PKG_NAME );
+        } else {
+            
simple_set_toggle$featureUSERS_PKG_NAME );
+        }
+    }
+}
 
?>
--- users/admin/schema_inc.php.stokes    2006-07-04 22:07:40.000000000 -0400
+++ users/admin/schema_inc.php    2006-07-04 22:15:11.000000000 -0400
@@ -273,6 +273,14 @@
     array(USERS_PKG_NAME,'auth_ldap_useroc','inetOrgPerson'),
     array(USERS_PKG_NAME,'auth_method','tiki'),
     array(USERS_PKG_NAME,'auth_skip_admin','y'),
+    // # Mail Auth additions
+    array(USERS_PKG_NAME,'mail_create_user_auth','n'),
+    array(USERS_PKG_NAME,'mail_create_gBitDbUser','n'),
+    array(USERS_PKG_NAME,'mail_smtp_port','25'),
+    array(USERS_PKG_NAME,'mail_smtp_server',''),
+    array(USERS_PKG_NAME,'mail_imap_server',''),
+    array(USERS_PKG_NAME,'mail_imap_port','993'),
+    array(USERS_PKG_NAME,'mail_skip_admin','y'),
     array(USERS_PKG_NAME,'allowRegister','y'),
     array(USERS_PKG_NAME,'feature_userfiles','n'),
     array(USERS_PKG_NAME,'forgotPass','y'),
--- users/BitUser.php.stokes    2006-07-04 22:11:41.000000000 -0400
+++ users/BitUser.php    2006-07-04 22:44:28.000000000 -0400
@@ -748,6 +748,12 @@
         $create_tiki = ($gBitSystem->getPreference("auth_create_gBitDbUser", "n") == "y");
         $create_auth = ($gBitSystem->getPreference("auth_create_user_auth", "n") == "y");
         $skip_admin = ($gBitSystem->getPreference("auth_skip_admin", "n") == "y");
+        // see if we want to use mail auth
+        $mail_auth = ($gBitSystem->getPreference("mail_submit", "mail") == "mailauth");
+        $create__mail_tiki = ($gBitSystem->getPreference("mail_create_gBitDbUser", "n") == "y");
+        $create__mail_auth = ($gBitSystem->getPreference("mail_create_user_auth", "n") == "y");
+        $skip__mail_admin = ($gBitSystem->getPreference("mail_skip_admin", "n") == "y");
+
         // first attempt a login via the standard Tiki system
         $userId = $this->validateBitUser($user, $pass, $challenge, $response);
         if ($userId) {
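Review bot: `$mail_auth` is derived from a preference named `mail_submit`, but in this patch `mail_submit` is only the name of the form's submit button; the admin code stores just the keys of `$mailSettings`, and the template adds the new method as `auth_method` value `mail`. As written the default `"mail"` never equals `"mailauth"`, so unless something outside the patch writes that preference the mail branch is never taken; `$mail_auth = ($gBitSystem->getPreference("auth_method", "tiki") == "mail");` matches what the template selects (validateMail() repeats the same test). `$create__mail_tiki`, `$create__mail_auth` and `$skip__mail_admin` are not read anywhere in the visible hunks, and the later hunk's condition tests `$skip_admin` (the `auth_skip_admin` setting) where `$skip__mail_admin` looks intended, so the `mail_skip_admin` checkbox appears to have no effect. The enclosing function starts and ends outside the hunk.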
@@ -782,6 +788,25 @@

             }
         }
+        if ( !$mail_auth || ($user == "root" && $skip_admin) ) {
+            // dunno what to put here, nothing to reference - stokes
+        } elseif ( $mail_auth ) {
+            $result = $this->validateMail($user,$pass);
+            switch ($result) {
+                case USER_VALID:
+                    unset($this->mErrors['login']);
+                    $userAuthValid = true;
+                    $userAuthPresent = true;
+                    break;
+                case PASSWORD_INCORRECT:
+                    $this->mErrors['login'] = 'password incorrect';
+                    $userAuthPresent = true;
+                    break;
+                case USER_NOT_FOUND:
+                    // disabled for w/e reason
+                    break;
+            }
+        }
 /*
 echo "userId: $userId
";
 echo "auth_pear: $auth_pear
";
@@ -908,6 +933,23 @@
         return $ret;
     }

+    function validateMail($user,$pass) {
+        global $gBitSystem;
+        // just make sure we're supposed to be here
+        if ($gBitSystem->getPreference("mail_submit", "mail") != "mailauth")
+            return false;
+        $options["host"] = $gBitSystem->getPreference("mail_imap_server", "");
+        $options["port"] = $gBitSystem->getPreference("mail_imap_port", "993");
+
+        $imapauth = imap_open('{'.$options['host']."/ssl/novalidate-cert".':'.$options["port"].'}INBOX',$user , $pass);
+        if (!$imapauth) {
+            print_r(imap_errors());
+            $ret=USER_NOT_FOUND;
+        } else {
+            $ret=USER_VALID;
+        }
+        return $ret;
+    }
     // validate the user in the bitweaver database - validation is case insensitive, and we like it that way!
     function validateBitUser( $pLogin, $pass, $challenge, $response ) {
         global $gBitSystem;
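Review bot: The mailbox string in validateMail() hard-codes `/novalidate-cert`, so the user's password is sent over a TLS session whose server certificate is never checked, and anyone able to intercept the connection to the IMAP host can collect it. The failure branch also calls `print_r(imap_errors())`, which writes the c-client error stack into the login response, and the stream is never closed on success. Every failure, including a refused password, comes back as USER_NOT_FOUND, so the `case PASSWORD_INCORRECT` branch added in the earlier BitUser.php hunk cannot be reached from this function. The host and port are preference values concatenated into the mailbox string as-is; casting the port to an integer and rejecting hosts that contain `}` or `/` before use would keep a bad setting from changing the connection flags. A version with certificate validation left on, errors logged instead of printed, and the stream closed follows.

```php
    function validateMail($user,$pass) {
        // … unchanged: mail_submit guard and $options host/port lookup …
        // documented c-client form is {host:port/flags}; certificate checking stays on
        $mailbox = '{'.$options['host'].':'.(int)$options['port'].'/imap/ssl}INBOX';
        $imapauth = imap_open($mailbox, $user, $pass);
        // drain the error stack here so it is not emitted into the page later
        $errors = imap_errors();
        if (!$imapauth) {
            if (is_array($errors)) {
                error_log('mail auth failed for host '.$options['host'].': '.implode('; ', $errors));
            }
            return USER_NOT_FOUND;
        }
        imap_close($imapauth);
        return USER_VALID;
    }
```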
--- users/templates/admin_login.tpl.stokes    2006-07-04 21:41:14.000000000 -0400
+++ users/templates/admin_login.tpl    2006-07-04 22:05:45.000000000 -0400
@@ -10,6 +10,7 @@
                         <option value="tiki" {if $auth_method eq 'tiki'} selected="selected"{/if}>{tr}Just bitweaver{/tr}</option>
                         <option value="ws" {if $auth_method eq 'ws'} selected="selected"{/if}>{tr}Web Server{/tr}</option>
                         <option value="auth" {if $auth_method eq 'auth'} selected="selected"{/if}>{tr}bitweaver and PEAR::Auth{/tr}</option>
+                        <option value="mail" {if $auth_method eq 'mail'} selected="selected"{/if}>{tr}bitweaver and mail{/tr}</option>
                     </select>
                     {formhelp note=""}
                 {/forminput}
@@ -148,4 +149,27 @@
             </div>
         {/form}
     {/jstab}
+    {jstab title="Mail Authentication"}
+        {form legend="Mail Authentication"}
+        <input type="hidden" name="page" value="{$page}" />
+            {foreach from=$mailSettings key=feature item=output}
+                <div class="row">
+                    {formlabel label=`$output.label` for=$feature}
+                    {forminput}
+                        {if $output.type == 'text'}
+                            <input type="text" size="50" name="{$feature}" id="{$feature}" value="{$gBitSystemPrefs.$feature|escape}" />
+                        {elseif $output.type == 'password'}
+                            <input type="password" size="50" name="{$feature}" id="{$feature}" value="{$gBitSystemPrefs.$feature|escape}" />
+                        {else}
+                            {html_checkboxes name="$feature" values="y" checked=`$gBitSystemPrefs.$feature` labels=false id=$feature}
+                        {/if}
+                        {formhelp note=`$output.note` page=`$output.page` link=`$output.link`}
+                    {/forminput}
+                </div>
+            {/foreach}
+            <div class="row submit">
+                <input type="submit" name="mail_submit" value="{tr}Change preferences{/tr}" />
+            </div>
+        {/form}
+    {/jstab}
 {/jstabs}
?>

 
preliminary patch for implementing mail auth, could use some help on fully implementing this within bw. thanx

tested on at least bw 1.3.1

can be downloaded at http://people.redhat.com/astokes/patches/bitweaver/mail_auth.patch

The patch is now fully functional. Yes, there are a couple of workarounds in the patch; however, you have the ability to define the IMAP server and port and the SMTP port and server, and it should validate against that and allow you to log in.

now you have an extra authentication mechanism :)
Page History
Date/CommentUserIPVersion
05 Jul 2006 (16:35 UTC)
adam stokes66.187.233.2025
adam stokes66.187.233.2024
adam stokes66.187.233.2023